Date: Sun, 29 Mar 2015 02:21:48 -0400 (EDT)
From: cve-assign@...re.org
To: carnil@...ian.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: arj: free on invalid pointer due to to buffer overflow
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Jakub Wilk reported arj crashing on a ARJ file in [1]. Guillem Jover
> pointed out that the invalid pointer is due to a buffer overflow write
> access initiated by a value which is under user control, see [2]. He
> prepared as well a patch for this issue[3]. Could assign a CVE for
> this issue?
>
> [1] https://bugs.debian.org/774015
> [2] https://bugs.debian.org/774015#11
> [3] http://git.hadrons.org/gitweb/?p=debian/pkgs/arj.git;a=blob_plain;f=debian/patches/security-afl.patch
For purposes of determining the number of CVE IDs,
https://bugs.debian.org/774015#11 is considered a 2015 vulnerability
announcement, and https://bugs.debian.org/774015#3 is not considered a
vulnerability announcement at all.
(There was another conceivable interpretation in which part of
security-afl.patch fixed an issue discovered by Jakub Wilk in 2014,
and another part of security-afl.patch fixed a second similar issue
discovered by Guillem Jover in 2015, with two CVEs. We aren't doing
that here.)
Use CVE-2015-2782.
- --
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)
iQEcBAEBAgAGBQJVF5mQAAoJEKllVAevmvmsTmEH/ReeQDQTDs+tTkIjaKluhuwV
0U2+fpmNTkKfkr2Gf8CWaQ891Topc/c+dIEMVmuIJuWMJVdYfJ3V8ifB0n4U8srO
Jd4TYqgsWP4xoPBmQtEev5bxPk00/yhnlFv6xUF8Sic2iloLbzEKG+vnBaMCuvxr
uUSu5/xOCPZhxwJAYww0FzS1ZrV4D12iDLtEobfpPq9EEdrQdgMa6n/luX7Lrowe
tDiJTT2vG8I0ITIi5E7itAFTYqcjmWgQ8pt4qqYEeMdgDCsoTEwJz8k8U+JnrjQC
CEVixkXwkY8xxvNzlQE1zArRM6869qWVzCDT2tiTcoMXcPYuDQwAG6VUBGp+XEQ=
=+r+1
-----END PGP SIGNATURE-----